
How to configure Wildfly 8.2 to disable Common Name verification on ssl connections (CXF disableCNCheck)?


I'm using Wildfly 8.2 to host an application at work. This application needs at some point to access a web service that allows only SSL connections. The web service does not belong to my company and I cannot alter any of its configurations. This web service uses a self-signed SSL certificate, which has a common name (CN) different from the web service's domain.

I've added the web service's certificate to the JVM keystore, but the Wildfly server won't allow the connection to be completed on account of the common name on the web service's certificate being different from the domain name in its URL.

So, in order for my application to be able to complete the SSL connection, I need to disable Wildfly's common name verification. This is where the problem arises: I've found only a few solutions on how to disable that property, 3 to be more precise. The first two involve adding a few extra lines to the standalone.xml configuration file; more precisely, they both suggest that I add a "system-properties" tag after the "extensions" one.

The first one:

    <extensions>
        ...
    </extensions>
    <system-properties>
        <property name="cxf.tls-client.disableCNCheck" value="true"/>
    </system-properties>

The second one:

    <extensions>
        ...
    </extensions>
    <system-properties>
        <property name="org.jboss.security.ignoreHttpsHost" value="true"/>
    </system-properties>

Neither of these two worked for me. The third solution was using the parameter "-Dorg.jboss.security.ignoreHttpsHost=true" when I start the server, which had no effect either.

How can I disable this common name check on Wildfly 8.2?


Solution

  • For WildFly, set the system properties below in standalone.xml:

    <system-properties>
        <property name="java.protocol.handler.pkgs" value="com.sun.net.ssl.internal.www.protocol"/>
        <property name="org.jboss.security.ignoreHttpsHost" value="true"/>
        <property name="cxf.tls-client.disableCNCheck" value="true"/>
    </system-properties>
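
The system properties above switch off host name checking for every outbound connection that honours them in the JVM. As an added example (not part of the original answer), the sketch below limits the exception to the one CXF client that talks to the partner service and trusts only that service's self-signed certificate on that client. It assumes the CXF client classes are visible to the deployment and that the certificate has been exported to a file; `PartnerTls`, `apply` and `certPath` are hypothetical names.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.net.ssl.TrustManagerFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.endpoint.Client;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.transport.http.HTTPConduit;

public final class PartnerTls {
    private PartnerTls() {}

    /**
     * Relaxes the CN check for one JAX-WS port only and trusts nothing but the
     * partner's self-signed certificate on that port.
     *
     * @param port     JAX-WS proxy returned by the generated Service class
     * @param certPath exported partner certificate (PEM or DER); hypothetical path
     */
    public static void apply(Object port, String certPath) throws Exception {
        Certificate partnerCert;
        try (InputStream in = Files.newInputStream(Paths.get(certPath))) {
            partnerCert = CertificateFactory.getInstance("X.509").generateCertificate(in);
        }

        // In-memory trust store holding only the partner certificate.
        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        trustStore.load(null, null);
        trustStore.setCertificateEntry("partner", partnerCert);
        TrustManagerFactory tmf =
                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        TLSClientParameters tls = new TLSClientParameters();
        tls.setTrustManagers(tmf.getTrustManagers());
        tls.setDisableCNCheck(true); // name mismatch tolerated on this conduit only

        Client client = ClientProxy.getClient(port);
        HTTPConduit conduit = (HTTPConduit) client.getConduit();
        conduit.setTlsClientParameters(tls);
    }
}
```

Call `PartnerTls.apply(port, ...)` once after obtaining the port from the generated service class and before the first invocation; other clients in the server keep normal host name verification.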